A huge DNS exploit could take down chunks of the internet

Last week the Internet Systems Consortium released a patch for a serious vulnerability in BIND, one of the most popular Domain Name Servers that’s bundled with Linux.

The incident number CVE-2015-5477 details an exploit that allows a remote, unauthenticated attacker to crash DNS servers using BIND by sending a specially crafted command. There’s no specific way to protect against the attack, other than installing the patch immediately.

The attack is reportedly so trivial that a single hacker could take down large chunks of the internet in a single move. All they would need to do is simultaneously crash enough DNS servers to cause a noticeable outage and serious implications for the internet.